What is claimed is: 

1. An enterprise network comprising: 
a plurality of local area netwVks; 

at least one service delivery unit having a data port and a network interface 
5 port; \ 

the network interface port coupled to a wide area network; 
the data port coupled to the plurality W local area networks; and 
a policy server, communicatively coupled to the at least one service delivery 
unit, the policy server including policies for bandwidth allocation stored on a 
10 computer readable medium, such that the servicAdelivery unit selectively allocates 
bandwidth to users based on the policies stored in W policy server. 

2. The enterprise network of claim 1, and furtheX including a router coupled 
between the data port and the plurality of local area networks. 

15 \ 

3. The enterprise network of claim 1 , wherein the data port is coupled to the 
local area network over an Ethernet connection. \ 

4. The enterprise network of claim 1, wherein the at least We service delivery 
20 unit includes a cache that stores policies retrieved from the policV server. 

5. The enterprise network of claim 1, wherein the policy server includes at least 
two servers that are located at geographically different locations in tne enterprise 
network. \ 

25 \ 

6. The enterprise network of claim 5, wherein service delivery unita that are 
located at geographically different locations from the at least two servers communicate 
with one of the at least two servers over a permanent virtual connection in uie wide 
area network. \ 
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7. The enterprise network oV claim 6, and wherein the permanent virtual 
connection comprises a secure collection. 

8. The enterprise network of claim 1, wherein the at least one service delivery 
5 unit includes router functionality. \ 

9. The enterprise network of claim l\vherein the policies stored on the policy 
server include data that the at least one servifce delivery unit uses to prioritize access 
to bandwidth over the wide area network and V) control the amount of bandwidth 

10 allocated for each request. \ 

10. The enterprise network of claim 1, wherekAhe at least one service delivery 
unit uses service mapping in allocating bandwidth to V user based on the policies 
stored on the policy console. \ 

15 \ 

11. A service delivery unit, comprising: \ 

a network interface port coupleable to a wide areaWtwork; 
a data port coupleable to a plurality of local area networks; 
a policy server interface coupleable to a policy serves that includes policies for 
20 bandwidth allocation stored on a computer readable medium;Wd 

a central processing unit, communicatively coupled to me network interface 
port, the data port and the policy server interface, wherein the Central processing unit 
executes instructions to selectively allocate bandwidth in the wiofe area network for 
users of the plurality of local area networks based on the policies stored in the policy 
25 server. \ 

12. The service delivery unit of claim 11, wherein the central processing further 
executes instructions to perform router functions for the data port. \ 
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13. The service delivery unitW claim 11, and further comprising a cache for 
caching policies retrieved from the\policy server. 

14. The service delivery unit of clami 11, wherein the network port comprises an 
5 interface that is coupleable to communicW with the wide area network over a number 

of permanent virtual connections. \ 

15. The service delivery unit of claim 11, wherein the central processing unit uses 
service mapping to allocate bandwidth. \ 

10 \ 

16. An enterprise network comprising: \ 

at least one local area network at a first geographic location; 
at least one additional local area network at a Second, different geographic 
location; \ 
15 a first service delivery unit having a data port that is coupled to the at least one 

local area network and a network interface port that is coupled to a wide area 
network; \ 

a second service delivery unit having a data port that is coupled to the at least 
one additional local area network and a network interface port that is coupled to the 
20 wide area network; and \ 

a policy server, communicatively coupled to the first and second service 
delivery units, the policy server including policies for bandwidtn allocation stored on 
a computer readable medium, such that the service delivery unita selectively allocate 
bandwidth to users based on the policies stored in the policy server. 
25 \ 

17. A method for providing bandwidth management in an enterprise network, the 
method comprising: \ 

receiving a request for connection over a wide area network; \ 
classifying the request; \ 
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identifying global policies that relate to the request; and 
applying the identified policies to control the priority and amount of bandwidth 
to allocate to the request over thevwide area network. 



5 18. The method of claim 17, whetein classifying the request comprises: 
identifying the user by IP addre\; and 
identifying the type of request. 

19. The method of claim 17, wherein identifying policies comprises: 
10 identifying policies in a cache of a servic\ delivery unit; and 

when applicable policies are not found in tl^e cache, requesting additional 
policies from a policy server. 

20. The method of claim 19, wherein requesting additional policies from the policy 
15 server comprises communicating with the policy server oyer a secure permanent 

virtual connection. 

21. The method of claim 17, wherein applying the identified policies comprises: 
determining the amount and type of bandwidth requesteJJ; 

20 determining the priority for the request; 

determining whether sufficient bandwidth is available; anc 
when sufficient bandwidth is available, selectively assignin^bandwidth to the 
user based on the policies. 
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